With ransomware attacks surging and 2024 on track to be one of the worst years on record, U.S. officials are seeking ways to counter the threat, in some cases, urging a new approach to ransom payments. From a report: Ann Neuberger, U.S. deputy national security adviser for cyber and emerging technologies, wrote in a recent Financial Times opinion piece, that insurance policies -- especially those covering ransomware payment reimbursements -- are fueling the very same criminal ecosystems they seek to mitigate. "This is a troubling practice that must end," she wrote, advocating for stricter cybersecurity requirements as a condition for coverage to discourage ransom payments.

Zeroing in on cyber insurance as a key area for reform comes as the U.S. government scrambles to find ways to disrupt ransomware networks. According to the latest report by the Office of the Director of National Intelligence, by mid-2024 more than 2,300 incidents already had been recorded -- nearly half targeting U.S. organizations -- suggesting that 2024 could exceed the 4,506 attacks recorded globally in 2023. Yet even as policymakers scrutinize insurance practices and explore broader measures to disrupt ransomware operations, businesses are still left to grapple with the immediate question when they are under attack: Pay the ransom and potentially incentivize future attacks or refuse and risk further damage.

For many organizations, deciding whether to pay a ransom is a difficult and urgent decision. "In 2024, I attended a briefing by the FBI where they continued to advise against paying a ransom," said Paul Underwood, vice president of security at IT services company Neovera. "However, after making that statement, they said that they understand that it's a business decision and that when companies make that decision, it is taking into account many more factors than just ethics and good business practices. Even the FBI understood that businesses need to do whatever it takes to get back to operations," Underwood said.

An anonymous reader shares a report: Byju Raveendran, the founder of the embattled edtech group Byju's, acknowledged on Thursday afternoon that he made mistakes, mistimed the market, overestimated growth potential and that his startup, once valued at $22 billion, is now effectively worth "zero."

Speaking to a group of journalists, Raveendran said the company's aggressive acquisition of more than two dozen startups to expand into new markets proved fatal when financing dried up in 2022. Byju's was planning to go public in early 2022 with several investment bankers giving the firm valuation as high as $50 billion, TechCrunch reported earlier.

He alleged that many of his more than 100 investors had urged him to pursue aggressive expansion into as many as 40 markets. But, he added, those very investors got cold feet when global markets tumbled following Russia's invasion of Ukraine, sending the venture capital market into a downward spiral.

India is expected to limit imports of laptops, tablets and personal computers after January, Reuters reported Friday citing government sources, a move to push companies such as Apple to increase domestic manufacturing. From the report: This plan, if implemented, could disrupt an industry worth $8 billion to $10 billion and reshape the dynamics of the IT hardware market in India, which is heavily reliant on imports. A similar plan to restrict imports was withdrawn last year following backlash from companies and lobbying from the United States. India has since monitored imports under a system set to expire this year and has asked firms to seek fresh approvals for imports next year. The government feels it has given the industry enough time to adapt, said the sources, who did not want to be identified as discussions are private.

An anonymous reader quotes a report from TechCrunch: Stripe is in talks to acquire stablecoin platform Bridge for a whopping $1 billion, according to Forbes (paypalled). The talks are reportedly in advanced stages, although nothing has been finalized. Bridge, co-founded by Coinbase alumni Zach Abrams and Sean Yu, has built an API that helps companies accept stablecoins. The pair raised $58 million from investors like Index Ventures and Sequoia Capital, according to PitchBook. If the deal with Stripe goes through, it would be a huge jump from Bridge's $200 million valuation, as well as being Stripe's largest acquisition to date.

AWS CEO Matt Garman has harsh words for remote workers: return to the office or quit. TechCrunch: The Amazon executive recently told employees who don't like the new five-day in-person work policy that, "there are other companies around," presumably companies they can work for remotely, Reuters reported on Thursday. Amazon's top boss, Andy Jassy, told employees last month that there will be a full return-to-office starting in 2025, an increase from three days for roughly the last year.

404 Media journalist and Slashdot contributor samleecole shares a report: After an exodus of employees at Automattic who disagreed with CEO Matt Mullenweg's recently divisive legal battle with WP Engine, he's upped the ante with another buyout offer -- and a threat that employees speaking to the press should "exit gracefully, or be fired tomorrow with no severance." Earlier this month, Mullenweg posed an "Alignment Offer" to all of his employees: Stand with him through a messy legal drama that's still unfolding, or leave. "It became clear a good chunk of my Automattic colleagues disagreed with me and our actions," he wrote on his personal blog on Oct. 3, referring to the ongoing dispute between himself and website hosting platform WP Engine, which Mullenweg called a "cancer to WordPress" and accusing WP Engine of "strip-mining the WordPress ecosystem. In the last month, he and WP Engine have volleyed cease and desist letters, and WP Engine is now suing Automattic, accusing Mullenweg of extortion and abuse of power.

"I'm certain that Matt hasn't eliminated all dissenters, because I'm still there, but I expect that within the next six to twelve months, everyone who didn't leave but wasn't 'aligned' will have found a new job and left on their own terms," a current employee told 404 Media. "My personal morale has never been lower at this job, and I know that I'm not alone." Mullenweg himself, in internal screenshots viewed by 404 Media, acknowledged that his first "Alignment Offer" did not make everyone who disagreed with him leave the company. On Wednesday Mullenweg posted another ultimatum in Automattic's Slack: a new offer that would include nine months of compensation (up from the previous offer of six months). "We have technical means to identify the leaker as well, that I obviously can't disclose," he continued. "So this is their opportunity to exit gracefully, or be fired tomorrow with no severance and probably a big legal case for violating confidentiality agreement."

An anonymous reader quotes a report from MacRumors: Apple today reminded developers that the EU trader requirement in the European Union is now being enforced. Developers who distribute apps in the EU will now need to share information that includes address, phone number, and email address on the EU App Store. Submitting updates for apps on the App Store in the European Union now requires trader information that's added via App Store Connect, with those details shared on each developer's App Store page. App updates can no longer be submitted without trader information, and starting on February 17, 2025, apps that do not have a trader status set will be removed from the App Store in the EU until trader status is provided and verified.

The Digital Services Act (DSA) in the European Union requires Apple to verify and display trader contact information for all "traders" who are distributing apps on the App Store in the European Union. Developers who make money from the App Store through either an upfront purchase price or through in-app purchases are considered traders, regardless of size. Contact information for each developer that is considered a trader will be publicly available, and there will undoubtedly be some developers that are unhappy with the requirement. Independent developers and small companies may not have dedicated business addresses and phone numbers to provide, and will likely be reluctant to provide their personal contact information. You can learn more about the requirements on Apple's website.

The business world's favourite software program enters its 40th year. The Economist: Excel has featured in plenty of workplace blunders -- though its defenders will be quick to blame human error. The financial world is littered with tales of costly spreadsheet errors. Excel has also been blamed for botching gene names in over a third of genomics papers (because it labelled them as dates); underreporting covid-19 cases in England (because it only had a limited number of rows in which to record the results); and disrupting the trial of January 6th rioters in America (because sensitive information was left in hidden cells).

Such snafus have not dented Excel's dominance. Might artificial intelligence (AI) steal its crown? With whizzy new tools powered by the technology promising to make data analysis easier, the familiar grid of numbers and calculations could soon feel outdated. Rather than replacing spreadsheets, though, AI might make them even better. Last month Microsoft introduced an AI assistant for Excel which lets users crunch data using natural-language prompts. Excel, and its faithful, aren't ready to be filtered out just yet.

South Korea will prepare stronger measures in a bid to prevent overseas leaks of business secrets amid intensifying competition for advanced technologies, the finance minister said on Thursday. From a report: "We will prevent illegal leaks of advanced technologies to raise the global competitiveness of our companies and strengthen technology leadership," Minister Choi Sang-mok said.

The government will set up a "big data" system aimed at preventing technology leaks at the patent agency and introduce new regulations to ensure stronger punishment for culprits, Choi said. He did not specify what the stronger penalties would be under the new regulations. In the past five years, there have been 97 attempts to leak business secrets to a foreign country, with 40 of them in the semiconductor industry, according to the National Intelligence Service.

An anonymous reader quotes a report from Wired: Real-time video deepfakes are a growing threat for governments, businesses, and individuals. Recently, the chairman of the US Senate Committee on Foreign Relations mistakenly took a video call with someone pretending to be a Ukrainian official. An international engineering company lost millions of dollars earlier in 2024 when one employee was tricked by a deepfake video call. Also, romance scams targeting everyday individuals have employed similar techniques. "It's probably only a matter of months before we're going to start seeing an explosion of deepfake video, face-to-face fraud," says Ben Colman, CEO and cofounder at Reality Defender. When it comes to video calls, especially in high-stakes situations, seeing should not be believing.

The startup is laser-focused on partnering with business and government clients to help thwart AI-powered deepfakes. Even with this core mission, Colman doesn't want his company to be seen as more broadly standing against artificial intelligence developments. "We're very pro-AI," he says. "We think that 99.999 percent of use cases are transformational -- for medicine, for productivity, for creativity -- but in these kinds of very, very small edge cases the risks are disproportionately bad." Reality Defender's plan for the real-time detector is to start with a plug-in for Zoom that can make active predictions about whether others on a video call are real or AI-powered impersonations. The company is currently working on benchmarking the tool to determine how accurately it discerns real video participants from fake ones. Unfortunately, it's not something you'll likely be able to try out soon. The new software feature will only be available in beta for some of the startup's clients.

As Reality Defender works to improve the detection accuracy of its models, Colman says that access to more data is a critical challenge to overcome -- a common refrain from the current batch of AI-focused startups. He's hopeful more partnerships will fill in these gaps, and without specifics, hints at multiple new deals likely coming next year. After ElevenLabs was tied to a deepfake voice call of US president Joe Biden, the AI-audio startup struck a deal with Reality Defender to mitigate potential misuse. [...] "We don't ask my 80-year-old mother to flag ransomware in an email," says Colman. "Because she's not a computer science expert." In the future, it's possible real-time video authentication, if AI detection continues to improve and shows to be reliably accurate, will be as taken for granted as that malware scanner quietly humming along in the background of your email inbox.

An anonymous reader quotes a report from Reuters: Robinhood launched its long-awaited desktop platform and added futures and index options trading features to its mobile app on Wednesday, as the fintech firm aims to take market share from traditional brokerages. The 11-year-old commission-free trading app, which became synonymous with mom-and-pop investors in 2021, is now seeking to mature into a full-fledged financial services provider and compete with established brokerages that serve institutional investors. The Menlo Park, California-based company said its desktop trading platform, dubbed "Robinhood Legend," will focus on active traders.

The platform, available at no additional cost, will offer advanced trading tools, real-time data, as well as custom and preset layouts. Meanwhile, the app will allow users to trade futures on the benchmark S&P 500 index, oil and bitcoin, among others. Customers can also trade index options. [...] Subscribers to Robinhood's premium Gold tier will be able to trade futures for as low as 50 cents per contract, while non-Gold users will need to pay a commission of 75 cents. You can tune in to the company's live product announcement on YouTube.

Apple is enhancing its Business Connect tool, allowing companies to customize how they appear in emails, phone calls, and payment interfaces on iPhones. The Verge reports: Each registered business can confirm its info is accurate and add additional details like photos or special offers. Collecting verified, up-to-date business information could be useful for Apple if it ever launches its own search engine or inside features for Apple Intelligence instead of sending users to outside sources like Google, Yelp, or Meta. Branded Mail is a feature businesses can sign up for today before it starts rolling out to users later this year, potentially making emails easier to identify in a sea of unread messages.

Additionally, if companies opt into Business Caller ID, Apple will display their name, logo, and department on an iPhone's inbound call screen. This feature should come in handy when you're trying to figure out whether the random number that's calling you is spam, or if it's a legitimate business. It will start rolling out next year. A smaller update coming to Apple's Tap to Pay service will let companies show their logo when accepting payments instead of just displaying a category icon. You can read more about it in Apple's press release.

An anonymous reader quotes a report from 404 Media: The code that runs Redbox DVD rental machines has been dumped online, and, in the wake of the company's bankruptcy, a community of tinkerers and reverse engineers are probing the operating system to learn how it works. Naturally, one of the first things people did was make one of the machines run Doom. As has been detailed in several great articles elsewhere, the end of Redbox has been a clusterfuck, with pharmacies, grocery stores, and other retailers stuck with very large, heavy, abandoned DVD rental kiosks. To many people's surprise, many of the kiosks remain operational even with the bankruptcy of Redbox's parent company, which has led some people to "liberate" DVDs from the abandoned kiosks. Reddit is full of posts by people who say they have taken dozens of DVDs from kiosks all over the country. Free DVDs is one thing. But in recent days, people have realized that they can, in some cases, get free Redbox kiosks. In an August filing, Walgreens told the bankruptcy court that it has 5,400 abandoned kiosks at its stores, and that it is spending $184,000 a month keeping them powered. "Walgreens should not be required to continue to 'store' and power Redbox kiosks across the country without any form of payment," the company wrote. And so tinkerers and reverse engineers have begun asking stores whether they can take the devices off their hands. There are also posts on Reddit by contractors who are selling them, and I was able to find various Redbox DVD kiosks being advertised for sale on Facebook Marketplace. (There are far more listings on Facebook Marketplace from people who have obtained hundreds or thousands of Redbox DVDs and are now selling them.)

Recently the operating system for Redbox kiosks was dumped online, and this community is now probing it to see how it works. In a thread on Mastodon, reverse engineer Foone Turing has been posting some of her findings, which include the fact that Redbox machines contain a file that has "a complete list of titles ever rented, and the email addresses of the people who rented them, and where and when." She also found that the first six and last four digits of credit card information was logged. She said that the records on the particular unit that she was looking at contained 2,471 different transactions and had records on it dating back to 2015. Other reverse engineers have found that Redbox kiosks contained information about the physical locations of every other kiosk. The server that they communicated with is currently offline (because the company is bankrupt). But people have also been putting together information about what different error codes in the software mean (for example, the error code "0020BDT" would happen when an obstruction was detected in the machine). They have also found and dumped service manuals for different parts of the device and have found a few login passwords (one password is "US#1Choice4movierentals"). [...] There has also been discussion about how the machines could be modified to talk to a new server, or whether the operating system could be put on a DIY Redbox device. Another person installed Minecraft on their Redbox. It is still very early days, but, with the bankruptcy of Redbox's parent company, ironically these devices are being given new life.

An anonymous reader shares a report: Households on individual streets will be targeted with personalised adverts under plans being rolled out by Channel 4. The channel is to use new technology which will allow brands to tailor who sees their advert by enabling them to select a demographic within a specific location down to street level. For example, someone watching Made in Chelsea on Channel 4's streaming service could be served an ad for a fashion brand in a local outlet to them if a particular fashion trend is being discussed.

Advertisers can further optimise their campaign by selecting from 26 programme genres, as well as time of day and device the show is being watched on. It forms part of a wider update to Channel 4's streaming platform that the broadcaster hopes could boost revenues by as much as $13m. The company will launch a new private marketplace enabling brands to buy advertising space directly in real-time. This will allow advertisers to amend their campaigns to respond to events, whether that be real-world events such as local weather or developments in fictional storylines within TV shows. Channel 4's new ad targeting also includes more detailed data to track whether a viewer has made a purchase after seeing an ad, as well as new viewer profiles for brands to target.

AeroGarden, which sells Wi-Fi-connected indoor gardening systems, is going out of business on January 1. While Scotts Miracle-Gro has continued selling AeroGarden products after announcing the impending shutdown, the future of the devices' companion app is uncertain.

Digital River has not paid numerous merchants since midsummer for software and digital products they sold through its MyCommerce platform. The Register: "After over 20 years of partnership with Digital River, Traction Software Ltd has been left feeling as though we've been 'rug pulled,'" Lee Midgley, managing director of Traction Software, told The Register. "For the past three months, we've experienced a complete halt in software sales revenue payments with no support, no direct contact, and only additional terms and conditions designed to delay resolution and extract more money from us.

"Astonishingly, Digital River continued to take sales from our loyal customers until we removed them from the order system. It now appears they have no intention of making payments and may be entering a liquidation process under a new CEO who has been involved in similar situations before."

The new CEO, Barry Kasoff, was first noted on the e-commerce biz website in August. Kasoff is also listed as the president of Realization Services, "a full-service strategic consulting firm specializing in turnaround management and value enhancement..." The privately-owned, Minnesota-based business appears to have laid off a significant number of employees, presumably the result of what its UK subsidiary describes as cost reduction initiatives implemented in late 2022.

An anonymous reader quotes a report from NPR: There's a valley in rural southwest Utah that's become a hub for renewable energy. Dozens of tall white wind turbines whoosh up in the sky. A sea of solar panels glistens in the distance. But the new kid on the block is mostly hidden underground. From the surface, Fervo Energy's Cape Station looks more or less like an oil derrick, with a thin metal tower rising above the sagebrush steppe. But this $2 billion geothermal project, which broke ground last year, is not drilling for gas. It's drilling for underground heat that CEO Tim Latimer believes holds the key to generating carbon-free power -- lots of it.

"Just these three well pads alone will produce 100 megawatts of electricity. Around-the-clock, 24/7 electricity," he said. Latimer stood overlooking the project, which is currently under construction, on one of the drill rig's metal platforms 40 feet off the ground. This well is one of the 24 Fervo is in the process of completing at Cape Station to harness the Earth's natural heat and generate electricity. This isn't the type of geothermal that's already active in volcanic hot spots like Iceland or The Geysers project in California. It's called an enhanced geothermal system. Cold water goes down into a well that curves like a hockey stick as it reaches more than 13,000 feet underground. Then the water squeezes through cracks in 400-degree rock. The water heats up and returns to the surface through a second well that runs parallel to the first. That creates steam that turns turbines to produce electricity, and the water gets sent back underground in a closed loop.

This horizontal well technique has been pioneered at a $300 million federal research project called Utah FORGE located in this same valley, which has paved the way for private companies to take the tech and run with it. Recent innovations like better drill bits -- made with synthetic diamonds to eat through hard subterranean granite -- have helped Fervo drill its latest well in a quarter of the time that it took just a couple of years ago. That efficiency has meant an 80% drop in drilling costs, Latimer said. Last year, Fervo's pilot project in Nevada used similar techniques to begin sending electricity to a Google data center. And the company's early tests at Cape Station in Utah show the new project can produce power at triple the rate of its Nevada pilot. "This is now a proven tech. That's not a statement you could have made two or three years ago," Latimer said. "Now, it just comes down to how do we get more of these megawatts on the grid so we have a bigger impact?" The report notes that Fervo signed a landmark deal with Southern California Edison, one of the country's largest electric utilities with 15 million customers. "It will send the first 70 megawatts of geothermal juice to the grid in 2026," reports NPR. "By the time the project is fully completed in 2028, this Utah plant will deliver 320 megawatts total -- enough to power 350,000 homes. The project's full output will be 400 megawatts."

An anonymous reader quotes a report from Reuters: Global sales of fully electric and plug-in hybrid vehicles rose by an annual 30.5% in September, as China surpassed its record numbers recorded in August and Europe resumed growth, market research firm Rho Motion said on Tuesday. Gains in the U.S. market have been slow and steady in anticipation of the Nov. 5 election, which makes it difficult to predict future trends in the country, data manager Charles Lester told Reuters. EVs -- whether fully electric (BEV) or plug-in hybrids (PHEVs) -- sold worldwide reached 1.69 million in September, Rho Motion data showed.

Sales in China jumped 47.9% in September and reached 1.12 million vehicles, while in the United States and Canada they were up 4.3% to 0.15 million. In Europe, EV sales rose 4.2% to 0.3 million units, thanks to a 24% jump in the United Kingdom and gains in Italy, Germany and Denmark, Lester said. In the Chinese market, the penetration rate of BEV and PHEV is growing faster than some expected and sales "could be a record every month until the end of the year", Lester said. He added that Germany's 7% year-on-year growth was "definitely positive news", and that intermediate carbon emission reduction goals set in the EU for next year will test the bloc's market.

In a David vs. Goliath legal battle, AI powerhouse OpenAI is squaring off against a little-known entrepreneur who claims he conceived the company's name and mission months before its star-studded launch. Guy Ravine, a self-taught programmer with a history of near-misses in tech, registered the domain open.ai in March 2015. He envisioned a collaborative platform to develop artificial general intelligence (AGI) for the benefit of humanity. By year's end, Ravine had pitched his "Open AI" concept to industry luminaries and filed for a trademark. Then, in December 2015, Sam Altman and Greg Brockman announced the creation of OpenAI, backed by a promised billion dollars from Elon Musk and others.

The similarity was uncanny -- a non-profit aimed at developing AGI for the public good. "What the f---?" Ravine recalls thinking. He claims his idea was stolen, while OpenAI dismisses him as an opportunistic "troll" and a "fraud." The ensuing legal battle has consumed Ravine's life, Bloomberg Businessweek covers in great detail, and has raised thorny questions about idea ownership in Silicon Valley. It also casts a shadow over OpenAI's origin story as the company, now valued at $157 billion, shifts from its non-profit roots to a for-profit juggernaut. "It's humanity's asset," Ravine insists. "It's not his [Altman's] asset." For now, a judge has barred Ravine from using "Open AI" while the suit proceeds, but the inventor has vowed to fight on against what he calls "the most feared law firm in the world." An amusing excerpt from the story: But Ravine had poked the bear, and as he packed up his house on Aug. 11, 2023, he opened an email from a lawyer at the firm Quinn Emanuel Urquhart & Sullivan LLP, informing him that OpenAI was suing him in federal court over the domain and trademark. "I'm like, what the f---?" Ravine recalls. Altman, he says, "could have had it for free" -- or at least for the cost of a donation. "Instead, he decided to donate millions of dollars to literally the most feared law firm in the world, to sue me."

Again and again in our conversations, he returns to that phrase: "the most feared law firm in the world." Finally, I ask him how he knows this. He turns his laptop toward me and pulls up the email. The signature reads "Quinn Emanuel Urquhart & Sullivan LLP: Most Feared Law Firm in the World."

An anonymous reader quotes a report from CBC News: The murder trial of a tech consultant in the stabbing death of Cash App founder Bob Lee begins Monday, a year and a half after the widely admired entrepreneur was found staggering on a deserted downtown San Francisco street seeking help. Lee's death at age 43 stunned the tech community, and fellow executives and engineers penned tributes to his generosity and brilliance. Lee was chief product officer of cryptocurrency platform MobileCoin when he died. He was a father to two children.

Prosecutors say Nima Momeni, 40, planned the April 4 attack after a dispute over his younger sister, Khazar, with whom Lee was friends. They say Momeni took a knife from his sister's condo, drove Lee to a secluded area and stabbed him three times, then fled. Defence lawyers disagree, and they say that Lee, high on drugs, attacked Momeni. "Our theory is that Bob had the knife, and that Nima acted in self defence," attorney Saam Zangeneh said.

He said his client is eager to tell his side of the story, but they haven't decided whether Momeni will testify in his defence. Momeni, who lives in nearby Emeryville, Calif., has been in custody since his arrest days after Lee died at a San Francisco hospital. Momeni's mother has been a steadfast presence at court hearings, and he is close to his sister. [...] Momeni, who has pleaded not guilty, faces 26 years to life if convicted. San Francisco Superior Court Judge Alexandra Gordon has told jurors the trial could last until mid-December.